CVE-2021-23017

Summary

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

Affected Software

VendorProductVersion RangeStatus
n/aNginx Web Server, Nginx PlusNginx Web Server versions 0.6.18 thru 1.20.0 before 1.20.1, Nginx plus versions R13 thru R23 before R23 P1. Nginx plus version R24 before R24 P1affected

Weaknesses

  • CWE-193: CWE-193

ADP Enrichment

CVE Program Container

Additional References

References